GRD Journals- Global Research and Development Journal for Engineering | Volume 3 | Issue 3 | February 2018 ISSN: 2455-5703
A Dedicated Setup to Recognize Spoofing in LAN/ Wi-Fi via IP Configuration Bhuvana Natarajan Student Department of Information Technology Jeppiaar Maamallan Engineering College, Chennai, Tamil Nadu, India Nivetha Kuppusamy Student Department of Information Technology Jeppiaar Maamallan Engineering College, Chennai, Tamil Nadu, India
Mrs. S. Nalini Assistant Professor Department of Information Technology Jeppiaar Maamallan Engineering College, Chennai, Tamil Nadu, India
Abstract In computer networks, it consists of policies and practises adopted to prevent and monitor unauthorised access. Networks can be both public and private where many of the counter attacks were practised. It is long known that IP spoofing or IP address spoofing is one of the major threats in communication protocol. IP spoofing is nothing but IP packets with forged source IP address, with purpose of concealing the identity of sender or impersonating an another computer system by forging the source address of packet header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine .so that the IP spoofing comes into place. In existing, Passive IP trace back (PIT) that bypasses the deployment difficulties of IP trace back techniques. Though PIT cannot work in all the spoofing attacks and therefore we have proposed a novel idea, to restrict the Man in the Middle Attack (MITM) by providing inbound and outbound rules to avoid the challenges in operation. As long as the real origin of IP spoofing is not disclosed they cannot be deterred from launching further attacks. So the proposed solution ensures that the entity requesting for a service is an actual recipient by trace back the real identification of an attacker. Keywords- IP Spoofing, Man in the Middle Attack (MITM), Inbound and Outbound Rules, Call Traceback
I. INTRODUCTION Perfect demonstrating and assessment of computer networks rely on the availability of large datasets of Internet flows acquired from backbone links. Those data are needed to support several research tasks, including Internet traffic analysis, modeling of topological distribution, identification of security attacks, and validation of research results. Unfortunately, serious privacy and security concerns discourage the publication of such datasets. On the one hand, network flows carry extremely confidential information that should not be released for privacy reasons. For this reason we assume that the payload is removed from all packets. However, an adversary observing the source and destination IP addresses may associate an individual with the web sites that he/she visited, and thus he may infer private information such as political opinions, health issues, or religious belief. Similarly, Internet flows may reveal personal communications among specific individuals, such as e-mail exchanges and chat sessions among them. On the other hand, those datasets may also help an adversary to perform security attacks. For instance, observing the traffic of a target network, an adversary could identify possible bottlenecks to be exploited for several attacks. For these reasons, several techniques were proposed to sanitize network flows while preserving their utility. Early techniques were based on the substitution of the real IP addresses with pseudo-IDs. However, that method proved to be vulnerable to different kinds of attacks, based on the knowledge of network characteristics, or on the capacity to inject bogus flows in the monitored network. More recently, several techniques have been proposed to avoid the re-identification of IP addresses, based on the perturbation of other fields of the flows. However, those techniques do not provide any formal confidentiality guarantee, and it has been recently shown that they are prone to different kinds of attacks. Indeed, the computational costs and the memory requirements for obfuscating a large dataset could be strongly reduced by partitioning the dataset in smaller subsets and by running the theft process independently on each subset. With respect to our previous work, the original contributions of this paper consist in: 1) the identification of confidentiality traces: 2) a novel defense algorithm to apply –theft to incremental releases of network traces: 3) a theoretical proof of the confidentiality guarantees provided by the defense techniques. Our results show that our technique preserves the data quality in both the single and the incremental release.
All rights reserved by www.grdjournals.com
40